Report - message-notific.club/tds/daopush

Report Overview

Submitted URL
message-notific.club/tds/daopush
IP
172.67.199.188
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-16 04:31:35
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	1.3 kB	3.5 kB	23.36.76.226
retarget2core.com	86164	2021-10-14T09:26:59Z	2023-03-09T12:12:52Z	917 B	979 B	35.157.196.4
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	431 B	746 B	142.250.74.10
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	1.6 kB	3.2 kB	93.184.220.29
gomydates.com	unknown	2022-02-03T19:56:34Z	2023-03-09T10:44:22Z	9.5 kB	218 kB	3.67.232.45
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	461 B	24 kB	172.217.21.163
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	377 B	49 kB	142.250.74.168
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	54.148.242.254
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-09T05:09:51Z	384 B	15 kB	104.17.24.14
cdn3reference.com	unknown	2022-03-18T04:16:13Z	2023-03-09T12:12:52Z	2.0 kB	137 kB	54.230.111.111
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-09T12:13:09Z	375 B	12 kB	142.250.74.163
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	676 B	2.0 kB	143.204.42.158
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	1.7 kB	3.5 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	51 kB	34.120.237.76
message-notific.club	564491	2021-11-03T14:40:16Z	2023-03-01T03:15:29Z	800 B	1.6 kB	172.67.199.188
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.27
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-16	medium	message-notific.club/tds/daopush	Phishing
2022-10-16	medium	gomydates.com/bridge/intg.js?v=8	Phishing
2022-10-16	medium	gomydates.com/bridge/ao_loader.js	Phishing
2022-10-16	medium	gomydates.com/integration.js	Phishing
2022-10-16	medium	gomydates.com/ao.js	Phishing
2022-10-16	medium	gomydates.com/tds/interlayer?handler=FrodiData	Phishing
2022-10-16	medium	message-notific.club/tds/daopush	Phishing
2022-10-16	medium	gomydates.com/bridge/frodi_data.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	gomydates.com/integration.js	1.8 kB	2023-03-07	2023-03-10
Pretty URL gomydates.com/integration.js IP 3.67.232.45 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:42:34 Last Seen2023-03-10 14:01:23 Times Seen1 Hash b4fcbda290399b139001814d59d5020f 43eca4df306e4e7e19234a8c1200a0d89e321442 31d2bd8b8e30c0fc73cda525cfd649caee6f9ebedb83c7d03a74672c3709079a Loading...

	gomydates.com/ao.js	5.4 kB	2023-03-08	2023-03-11
Pretty URL gomydates.com/ao.js IP 3.67.232.45 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:53 Last Seen2023-03-11 23:29:50 Times Seen1 Hash ce09d14c7f77aca5540b8698fc8660e9 615280b6e7ad2283a4189e3899c6f4be35512a61 3c26c141856ddfee1337878ecbe13e65ce7127fd42fd7e845ad4e1592d5e6411 Loading...

	gomydates.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fgomydates.com%2Fjump%3Ftds_cid%3D06d94fd0618225e84a5dfca486bcbcae831a9a8a%26dci%3D38150a1bfba8e4c7fc687d9bcc8948b61cf0129c%26clickid%3D%257Bclickid%257D%26tds_oid%3D23302%26s1%3Dps%26tds_rt%3D%26tds_campaign%3Db0506rie%26_tgUrl%3DaHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw%26subid2%3D%257Bsubid2%257D%26affid%3D9559e5a1%26id%3D23302%26tds_ac_id%3Ds0624kas%26tds_id%3Db0506rie_jump_a_1601039183809%26tds_host%3Dgomydates.com%26tds_p_campaign%3Db4979kas%26subid%3Ddao%26utm_source%3Dintc%26tds_ao%3D1&uaDataValues={}	369 kB	2023-03-10	2023-03-10
Pretty URL gomydates.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fgomydates.com%2Fjump%3Ftds_cid%3D06d94fd0618225e84a5dfca486bcbcae831a9a8a%26dci%3D38150a1bfba8e4c7fc687d9bcc8948b61cf0129c%26clickid%3D%257Bclickid%257D%26tds_oid%3D23302%26s1%3Dps%26tds_rt%3D%26tds_campaign%3Db0506rie%26_tgUrl%3DaHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw%26subid2%3D%257Bsubid2%257D%26affid%3D9559e5a1%26id%3D23302%26tds_ac_id%3Ds0624kas%26tds_id%3Db0506rie_jump_a_1601039183809%26tds_host%3Dgomydates.com%26tds_p_campaign%3Db4979kas%26subid%3Ddao%26utm_source%3Dintc%26tds_ao%3D1&uaDataValues={} IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:16:53 Last Seen2023-03-10 10:16:53 Times Seen1 Hash e4844cd768f11eff14b748eaa96cb116 02f4d357968f72f7d9effb9c3adee3b3c24e30e3 83f102ce2a092985015705fca5a1aba234415df908a6e1d171201167d9143589 Loading...

	retarget2core.com/fp/fp_ec.js	1.2 kB	2023-03-07	2023-03-29
Pretty URL retarget2core.com/fp/fp_ec.js IP 35.157.196.4 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-03-29 23:19:33 Times Seen17 Hash 6faaf5b255433abc88fbe4a547ac7784 c60ab4a050864bbd815922e5abade6d5af4333a6 7eda108904da9c98eeeeab666426197e6738b78dfd103a653897d14366e2cd20 Loading...

	cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8	8.9 kB	2023-03-07	2023-05-14
Pretty URL cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8 IP 54.230.111.111 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-05-14 11:44:44 Times Seen2 Hash c0fafab6f2cbb33a818ba23d30f68842 c016126575618881427fdc86eed31717844f0573 85f09c34c4b7fc07125b5a5c84f6bbd1dde7df7f1ee059701a3660264300342f Loading...

	gomydates.com/bridge/intg.js?v=8	317 B	2023-03-08	2023-03-17
Pretty URL gomydates.com/bridge/intg.js?v=8 IP 3.67.232.45 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:30:48 Last Seen2023-03-17 23:34:04 Times Seen1 Hash d9bd6d4fe07232e0fcae03c7e68d4e81 4a7e1c2e8cc35c2ff31c71175095f4b1a2b8c17b 0ad2eb2d6a74f3d18026ab24c088ca7c561a742fd870e44045db9d823ac0a3c6 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer	129 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:16:53 Last Seen2023-03-10 10:17:33 Times Seen1 Hash 48d3c96648af72e40648ae5c7ef67d89 7260451a62f2d392a77a5dc157d00b99abd9d332 d9ae63b369a645c2612c23706caee6f25e54386e2909495989bf28a9d8e0a984 Loading...

	gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1	446 B	2023-03-10	2023-03-10
Pretty URL gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1 IP 3.67.232.45 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:16:53 Last Seen2023-03-10 10:16:53 Times Seen1 Hash e789ad9670e56a602f84d58313a7a107 d79ca29727c137a41ca67cbc49463b15350a3bc6 afa140bf1b8cf258fb62cafe60ad346fc677b89e4842f944f86a3b76a5d0844d Loading...

	gomydates.com/bridge/ao_loader.js	836 B	2023-03-08	2023-03-17
Pretty URL gomydates.com/bridge/ao_loader.js IP 3.67.232.45 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:00:33 Last Seen2023-03-17 23:34:04 Times Seen1 Hash 9c129816fdafb5e9525563ba64018bd7 79dfb5a385a3583a597716ac4b1e1649e9b9994d 43d06cd88d872d0f1ab73eda7cf55805382dfd0d56bb90aad3398c72a5bb4acf Loading...

	gomydates.com/bridge/frodi_data.js	6.6 kB	2023-03-07	2023-12-25
Pretty URL gomydates.com/bridge/frodi_data.js IP 3.67.232.45 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-12-25 02:16:58 Times Seen154 Hash acba46edbe151b3ac5b3a3ad6adb6852 967fc6c8942a27986534f16a8a5ae2f71b0481bf 544d040fe3985f2f3f2f519c6db58110b24d23c8b13e794a988ec90a05b48658 Loading...

	gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1	477 B	2023-03-07	2023-03-26
Pretty URL gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1 IP 3.67.232.45 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:50 Last Seen2023-03-26 05:49:30 Times Seen3 Hash c74ff215c2fc7d225eefef477e999834 91132a96971a35163036d8c38bc31984dc1a14b2 f85068533c72e63b3bc55c0513611cb561a726db60a52280788968e88cb2049f Loading...

	cdn3reference.com/js/dc_img.js?v=8	488 B	2023-03-07	2023-05-14
Pretty URL cdn3reference.com/js/dc_img.js?v=8 IP 54.230.111.111 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-05-14 11:44:44 Times Seen18 Hash 866e1e7da88eb0918114ea04e4379f40 cb9ed6b52f93bead89eb5da6d618c9b58b34a2b5 ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53 Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	48 kB	2023-03-07	2024-04-24
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2024-04-24 09:47:21 Times Seen45972 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js	41 kB	2023-03-07	2024-03-15
Pretty URL www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2024-03-15 04:59:29 Times Seen198 Hash 52b93c8b7bb7aef40485730815c2740e 255cf5423f46a8ab94f42afa2df47db7ebac8e5c fe26228f1a864cab3d5ec46c99bed380a8194c2c3ec19ad0f82b2910e901ca54 Loading...

		Size	First Seen	Last Seen
	#1 Eval - ca45c42226c1d974d33ba66f5fbec226	273 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:31:53 Last Seen2024-04-24 09:26:55 Times Seen299 Hash ca45c42226c1d974d33ba66f5fbec226 acdf858cb51509213a6b58ea26c99788ffa9ba51 8f61ee4a89b9d76a579f5ed446960dc9aba5dad5f67f5676bc5aab5f8fe726b3 Loading...

HTTP Transactions (52)

URL IP Response Size

message-notific.club/tds/daopush

172.67.199.188

301 Moved Permanently

0 B

URL HTTP/1.1
message-notific.club/tds/daopush
IP
172.67.199.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /tds/daopush HTTP/1.1
Host: message-notific.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 16 Oct 2022 04:31:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 05:31:23 GMT
Location: https://message-notific.club/tds/daopush
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRzjjV%2F7%2FlRYbH8qbnDl9jWMPZsJ9Owtv85XQA8kWAbcYB6bzNzuK%2FOzxX1zndDsWxyc%2FTuoqaPzHoMZjfOyCjUoaGB%2FYEo5xF2FGTc%2FG%2Fe8h2WI%2B76zsT8vGQXSAuLoFn1cXMABIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ae108e9ea41bfe-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 16 Oct 2022 03:50:25 GMT
Expires: Sun, 16 Oct 2022 03:59:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ieFx59EFwEMhfvV_tjLbpR6cHbtxdJV6-rVZQHYjY5hBRgEr5ySoaQ==
Age: 2459

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
07b3389fc24c0f8eb82a9d05b546d17e
02716741b8952e548b9a223adbb3f16204eef2b2
25e13458988115ae1f8176cb2328dbfebd612eabebf256b4af64594d5e23d6ca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25E13458988115AE1F8176CB2328DBFEBD612EABEBF256B4AF64594D5E23D6CA"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6566
Expires: Sun, 16 Oct 2022 06:20:50 GMT
Date: Sun, 16 Oct 2022 04:31:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7897
Expires: Sun, 16 Oct 2022 06:43:01 GMT
Date: Sun, 16 Oct 2022 04:31:24 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: m9DYmS6kAL/2l1k8rjSHgxILZscUAWnatcGlPK7ncjN7LHPH2XFF+0WPQhreo6eotJT/toQwTkM=
x-amz-request-id: FJGZ8JYZMQJB40VH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 16 Oct 2022 04:02:51 GMT
age: 1713
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
863cad205c5f9cfe0ad6bbfff55753f1
1b73b947b7c4acdabd65869a5a43d615ef95fc87
5a4dcba93935aac86cc4c7c45c4d40f7b9e92e338af377cc6afc655cd8f44527

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=138231
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:24 GMT
Etag: "634b0213-117"
Expires: Mon, 17 Oct 2022 18:55:15 GMT
Last-Modified: Sat, 15 Oct 2022 18:55:15 GMT
Server: nginx
Content-Length: 279

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:31:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
863cad205c5f9cfe0ad6bbfff55753f1
1b73b947b7c4acdabd65869a5a43d615ef95fc87
5a4dcba93935aac86cc4c7c45c4d40f7b9e92e338af377cc6afc655cd8f44527

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=138231
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:24 GMT
Etag: "634b0213-117"
Expires: Mon, 17 Oct 2022 18:55:15 GMT
Last-Modified: Sat, 15 Oct 2022 18:55:15 GMT
Server: nginx
Content-Length: 279

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
76aa886e50744f1cff3e37ef5e08c610
4de95b31dd6f2f2e870fd6fa2a42c2fba4587030
e260dd6fb84d71d68332b7160c6b7c7e609b13b1c24e53a93c25571e95ace821

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171697
Date: Sun, 16 Oct 2022 04:31:24 GMT
Etag: "634b84cd-1d7"
Expires: Tue, 18 Oct 2022 04:13:01 GMT
Last-Modified: Sun, 16 Oct 2022 04:13:01 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1tqVUc1UY1JMz8wOsXsgMsKg5Sv2Q2m0zJ-8OlhHmvxPVGGgG7xFBA==

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 16 Oct 2022 04:07:43 GMT
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 05:06:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BBTB-RjJO8YnDnoRj1y7rWf2qD-HOFWtSdZaLhABxsvaRarAxOcnuw==
Age: 1421

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
301aafc13bc66315321d9476df002258
e6bfd29899543fcd4d1b332623757bbad355306f
c64315afdfcf146b16942d981588ed912650472c5e2bba7b6f8dee396d820860

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3046
Cache-Control: max-age=102377
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:24 GMT
Etag: "634a6a1f-1d7"
Expires: Mon, 17 Oct 2022 08:57:41 GMT
Last-Modified: Sat, 15 Oct 2022 08:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.148.242.254

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.242.254:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tAmE+6h1P1FSd4vtcpayJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2SLu3GXRCg1b4rWV6Or52iAwUu8=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0efa623bed47d42f69be9e523e7725f4
b301c00ee9ab5778b326edea3bc274f8ae46da15
c7d4afc16dd19b5216a9c34cf3048b4e6dff056608666d6d40c9f5eeeae309a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gomydates.com/bridge/intg.js?v=8

3.67.232.45

200 OK

317 B

URL HTTP/2
gomydates.com/bridge/intg.js?v=8
IP
3.67.232.45:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (316)
Size
317 B (317 bytes)
Hash
d9bd6d4fe07232e0fcae03c7e68d4e81
4a7e1c2e8cc35c2ff31c71175095f4b1a2b8c17b
0ad2eb2d6a74f3d18026ab24c088ca7c561a742fd870e44045db9d823ac0a3c6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bridge/intg.js?v=8 HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: application/javascript; charset=UTF-8
content-length: 317
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 13 Oct 2022 13:16:30 GMT
etag: W/"13d-183d17d3fb0"
vary: Accept-Encoding
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0efa623bed47d42f69be9e523e7725f4
b301c00ee9ab5778b326edea3bc274f8ae46da15
c7d4afc16dd19b5216a9c34cf3048b4e6dff056608666d6d40c9f5eeeae309a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
5fada94ec59c5b97b9510ed352eae4fe
50c92953754d931fd10d4789a2d3a651f042551e
71356493f95aaee7069bb3b06b02e9709a630276e702b9d0b418f9cc3817a367

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6249
Cache-Control: max-age=146264
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Etag: "634b090c-118"
Expires: Mon, 17 Oct 2022 21:09:09 GMT
Last-Modified: Sat, 15 Oct 2022 19:25:00 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.24.14

200 OK

14 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (48316), with no line terminators
Size
14 kB (13972 bytes)
Hash
2e46e3b0807c19e0ee85603dd4ba3f72
cb55679976d9a5d9933f291218b8ff0f95ebdc17
87a3f839cfc8bca3368a7dec7c5ff14e5f613928e899b601292b5a1f1bd5dc05

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5745508
expires: Fri, 06 Oct 2023 04:31:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KMcuGdgi0ofxB3ORjyWjAfqya8Zq91mPcWpyfiYr1VpmcmZPsARLBi3WRsmyk9tDGaYna7S1l%2FQiQ8QYCt51YAxgCWTkmpSBIRAjuWTU5eOSaEsx78dYekteG%2Fmd%2BuqSX5UQ2u9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75ae109a1fadb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
5fada94ec59c5b97b9510ed352eae4fe
50c92953754d931fd10d4789a2d3a651f042551e
71356493f95aaee7069bb3b06b02e9709a630276e702b9d0b418f9cc3817a367

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6249
Cache-Control: max-age=146264
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Etag: "634b090c-118"
Expires: Mon, 17 Oct 2022 21:09:09 GMT
Last-Modified: Sat, 15 Oct 2022 19:25:00 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280

gomydates.com/bridge/ao_loader.js

3.67.232.45

200 OK

836 B

URL HTTP/2
gomydates.com/bridge/ao_loader.js
IP
3.67.232.45:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (835)
Size
836 B (836 bytes)
Hash
9c129816fdafb5e9525563ba64018bd7
79dfb5a385a3583a597716ac4b1e1649e9b9994d
43d06cd88d872d0f1ab73eda7cf55805382dfd0d56bb90aad3398c72a5bb4acf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bridge/ao_loader.js HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: application/javascript; charset=UTF-8
content-length: 836
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 13 Oct 2022 13:16:30 GMT
etag: W/"344-183d17d3fb0"
vary: Accept-Encoding
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5f309b801fdcff49c832652cf9f67fed
f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13
53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
254c0f79943125eff7adbf9cb30d2b46
e24342391b47646fbbe9fa6a26dd95c0eadda7e5
35052bd13c72ac6c33ec3aa08ae793c5e12d2edeec5c91c9e2b2ac4762c3fc67

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

172.217.21.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
172.217.21.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gomydates.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Oct 2022 17:10:21 GMT
expires: Wed, 11 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 386464
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer

142.250.74.168

200 OK

49 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4073)
Size
49 kB (48631 bytes)
Hash
4cb9073f83d1628f57d8a78169973a0e
e3f33c9bfa46504ca25af6d751ec67da167472d7
6fb982a1c0be0d31be2f9daccdd3174e9ed523334d346079ecaeecd0c8dc823f

HTTP Headers

GET /gtm.js?id=GTM-KMSJRW&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 16 Oct 2022 04:31:25 GMT
expires: Sun, 16 Oct 2022 04:31:25 GMT
cache-control: private, max-age=900
last-modified: Sun, 16 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn3reference.com/landings/23302/images/bg-web2.jpg

54.230.111.111

200 OK

134 kB

URL HTTP/2
cdn3reference.com/landings/23302/images/bg-web2.jpg
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1813x809, components 3\012- data
Size
134 kB (134448 bytes)
Hash
ef1a29775d4ead3628064718b908a24d
bdd05dca0cd677973768797fef9bf486a63b8929
650dc0654bd6a95350f544d863fc2a8cf6ac1010a9075b476febee2d861dc77b

HTTP Headers

GET /landings/23302/images/bg-web2.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3reference.com/landings/23302/css/62785c7b6ca9a16c41ce1f973cf812b4.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 134448
server: nginx
last-modified: Tue, 02 Apr 2019 14:25:38 GMT
accept-ranges: bytes
date: Sun, 16 Oct 2022 04:31:25 GMT
cache-control: public, max-age=604800
etag: "20d30-5858ce9347c80"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9VIEnB1b16wY9DOBuYViD0GcDSXJlCM_Kybs1QzErY5haouZUFku0w==
X-Firefox-Spdy: h2

cdn3reference.com/js/dc_img.js?v=8

54.230.111.111

200 OK

795 B

URL HTTP/2
cdn3reference.com/js/dc_img.js?v=8
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type
data
Size
795 B (795 bytes)
Hash
7420f510cd4ac8a7b078d08005c1c6df
1030281000d92c7c66c62cea30d7eaec2a53b03e
3bad7180c3b574808c7dd3ee87729044616339642f8b8f9ba9902ac26f2a30f1

HTTP Headers

GET /js/dc_img.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 16 Oct 2022 04:31:25 GMT
last-modified: Thu, 29 Oct 2020 09:22:15 GMT
content-encoding: gzip
etag: W/"1e8-5b2cbd0d9620d"
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v9oqMusrDsElDD297X6K1qmJNiJt8qcMo0TwMpUWkP-Zr1a0ThC1_Q==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5f309b801fdcff49c832652cf9f67fed
f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13
53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0d383db64d69da7c461bb6c5c47c0083
81c3aad9cdea315c49725ec398a08e8600d09581
b3edb516c961ac7c952dd32259ce0410f62c93fd211694e8b2a44177640b3ca0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140714
Date: Sun, 16 Oct 2022 04:31:25 GMT
Etag: "634b0bc7-1d7"
Expires: Mon, 17 Oct 2022 19:36:39 GMT
Last-Modified: Sat, 15 Oct 2022 19:36:39 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8NfaVZ2jw4hD70kSGN2w6cig9ZLLzZFrqO45Q0fef7wAeDb-AHYxPw==

gomydates.com/integration.js

3.67.232.45

200 OK

206 kB

URL HTTP/2
gomydates.com/integration.js
IP
3.67.232.45:0
ASN
#16509 AMAZON-02

File type
data
Size
206 kB (205581 bytes)
Hash
74a0ea897bdab5083867a77f21096449
713de464f2357910332681583403621639aa84b1
1872936a3892a2dd9500fc18f13885ea26076bd7203ad23274188e4de8b3dfd1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /integration.js HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"712-Q+yk3zBuTn4ZI0qMEgCg2J4yFEI"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

gomydates.com/ao.js

3.67.232.45

200 OK

2.6 kB

URL HTTP/2
gomydates.com/ao.js
IP
3.67.232.45:0
ASN
#16509 AMAZON-02

File type
data
Size
2.6 kB (2605 bytes)
Hash
ff1698e2ea1bfd5e85e4533296ae0808
7e6e49a566f3318800098d0a7ec0e19a3ebe0136
6067220559b275c466a0a474611cacb4278db86c20879e5fc4c4baa40950b742

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ao.js HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 13 Oct 2022 13:16:30 GMT
etag: W/"1509-183d17d3fb0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js

142.250.74.163

200 OK

11 kB

URL HTTP/2
www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40876)
Size
11 kB (10869 bytes)
Hash
5df942bc55c20f421cf56876855ced51
61e1c33b26d5a693425a8c229f90b1ea39736f29
3fb9f58427a7229af7bfb3c37e2f9718ba1e8776c368a80c511c6e27466d4932

HTTP Headers

GET /firebasejs/8.6.8/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10869
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Oct 2022 00:45:10 GMT
expires: Sat, 14 Oct 2023 00:45:10 GMT
cache-control: public, max-age=31536000
age: 186376
last-modified: Thu, 01 Jul 2021 23:11:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13987
Expires: Sun, 16 Oct 2022 08:24:33 GMT
Date: Sun, 16 Oct 2022 04:31:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13987
Expires: Sun, 16 Oct 2022 08:24:33 GMT
Date: Sun, 16 Oct 2022 04:31:26 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a1f1175-4b02-4c87-a3f1-9bf1f46d8149.jpeg

34.120.237.76

200 OK

4.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a1f1175-4b02-4c87-a3f1-9bf1f46d8149.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.1 kB (4070 bytes)
Hash
ea3de9de60463838cdf30a974f092684
542b753fe420651c67739d3c51927e10ececa4aa
b69cc2d2af1d3bfb36a82198562fefbe822f58249e6f85903b3bbe8c207468b2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a1f1175-4b02-4c87-a3f1-9bf1f46d8149.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4070
x-amzn-requestid: 2de050df-01e6-487a-99ff-ac452ecb3706
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFCpbFUbIAMF9dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b7e3c-2ee6c44f4993d1a51ba3e9cb;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 03:45:00 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pZjRH7IfMdLhJexGioaByUi4ASNvUMhq41oYLzcH5VKXL228XdRP-w==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 03:49:28 GMT
age: 2518
etag: "542b753fe420651c67739d3c51927e10ececa4aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6367 bytes)
Hash
df5f38c3dc43ccc382d0274bffb6b350
9a305072cce8bb61ca3753bb98b999695fb4706e
20ff21892e65787fecbadca0f59c05e54dee3a1359271839dab0ee5c9e796ab0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6367
x-amzn-requestid: 485c3cf9-d305-4540-8eef-8304d1103ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5EHbOoAMFWsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a0-2ac206d826bf23193740e74c;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j4GFPRLOwyEGJVrC4uk01vi858DLWzDtUNZkfmbJ1ybrMV4xEdOIVg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:50:24 GMT
age: 24062
etag: "9a305072cce8bb61ca3753bb98b999695fb4706e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9260 bytes)
Hash
e20daa74ab04b1b9859672acfc070f7e
d291947f161c928e6c6682a05835478b5f0cffc5
ebbe051930f46dd25de2a4c5795f3bdddf1513c0657cdc986c48f3dfdc90f575

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9260
x-amzn-requestid: dfd8deb0-fc73-4321-b024-330b2a3d1759
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aENyFH9RoAMF24w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b29a6-0aaf75c43b51d5775bc48a95;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:44:06 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YVZ4EN-w7lmXTXKTy_A-9P0TW0zAqSa7j5_G2M1XnS-j3EfJSEFplw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:58:49 GMT
age: 23557
etag: "d291947f161c928e6c6682a05835478b5f0cffc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc2961d5-5c3c-41f9-9f68-1ffdbc852581.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8007 bytes)
Hash
dba6e2332080f3b6c7edd6400a328d77
2fe9ab49ee40a2aec3084ed18ef457aecf3f3757
9cfbe2aa4d5544b278ac75bf3ebd12ee576ca054da2ddf1ead3529940891d386

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc2961d5-5c3c-41f9-9f68-1ffdbc852581.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8007
x-amzn-requestid: 308881cf-addb-4995-91fc-d8df1d91f3f2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEM1PHjMoAMFZZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b2821-5db9f4a67c2151ed1eb72837;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:37:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9uVVNK741OSPGLE1Jg_Qjdrpm_Xkp6CRFjtWDlxvcUtYO8hvadsydA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:53:43 GMT
age: 23863
etag: "2fe9ab49ee40a2aec3084ed18ef457aecf3f3757"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f6f17e-fdd5-44d5-bb67-afeda66ec08c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8799 bytes)
Hash
f852a58da0bf5c1c5b3d4c9531078b08
96b58ac0e71afe7d4ba43fa592130f3611eb6df7
d404e20f16943bf168b422da6477716f9b37f38927ce078bf19504a581558f75

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f6f17e-fdd5-44d5-bb67-afeda66ec08c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: be75e58e-a1b4-46fa-bdf2-b94a7270a86e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL3-EhrIAMFlcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b2699-544110ce3f2002e57bc3422f;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:05 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wKNlz7C47Wd9aokVCdgEIgK4KijtdK5hlL6jmV96_Xv3t5osOzqcVQ==
via: 1.1 f83d0d4febf7c22c3236bd42fa6dcd96.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:58:49 GMT
etag: "96b58ac0e71afe7d4ba43fa592130f3611eb6df7"
content-type: image/jpeg
age: 23557
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8120 bytes)
Hash
3ac5c50f8ffe0da11f1adb9f67d811cf
2b586d1c26208d6fe7df3a4cec286e28f21807ca
12414dcf4afa766503c9328fe626c2d1317a0d6838887e0dd30e9b56e85ea3d2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8120
x-amzn-requestid: 42dc2299-203a-4269-a252-e239978fe80d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7EhLHX0IAMF89g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347813a-1357899758d9403e4b920418;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 03:08:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N64ALU7tuIg6L--gmnkJq08f3A2Vn0Cl3wlRBLim7RhWN_VnCftrng==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 03:49:28 GMT
age: 2518
etag: "2b586d1c26208d6fe7df3a4cec286e28f21807ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gomydates.com/ufis/webpush/track?uaDataValues={}&networkGroup=

3.67.232.45

200 OK

30 B

URL HTTP/2
gomydates.com/ufis/webpush/track?uaDataValues={}&networkGroup=
IP
3.67.232.45:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64

HTTP Headers

POST /ufis/webpush/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1197
Origin: https://gomydates.com
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:26 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2

gomydates.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=

3.67.232.45

200 OK

3.2 kB

URL HTTP/2
gomydates.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
IP
3.67.232.45:0
ASN
#16509 AMAZON-02

File type
data
Size
3.2 kB (3184 bytes)
Hash
50fc703d259fd05df6c94c3fea6e44f6
5536ae75b987bd2d8711b9e3f4ab303fd9d4420a
5696afe9d4823b99a6ebee9e4e0461073e0508e992169f9e62fc0f626d602ddb

HTTP Headers

GET /ufis/webpush/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:26 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"35e5-ggvNzPbrS4iAvrqVuh7HqGhzYqo"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

gomydates.com/ufis/pwa/sw.js?uaDataValues={}&networkGroup=

3.67.232.45

200 OK

859 B

URL HTTP/2
gomydates.com/ufis/pwa/sw.js?uaDataValues={}&networkGroup=
IP
3.67.232.45:0
ASN
#16509 AMAZON-02

File type
data
Size
859 B (859 bytes)
Hash
75e2927a6493c57d38d3f62931ec1a1d
afeb464eb39f65dc41c2ed57709536b041f31f0f
1972aa34cde18b82ca0378c6c7aa9b03d405b59f618bf575465eec4e796de6b9

HTTP Headers

GET /ufis/pwa/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:26 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"8a5-jxVx3HNgm8c2Bvxd6GQ6e3r2rSU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

gomydates.com/tds/interlayer?handler=FrodiData

3.67.232.45

200 OK

0 B

URL HTTP/2
gomydates.com/tds/interlayer?handler=FrodiData
IP
3.67.232.45:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /tds/interlayer?handler=FrodiData HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 1590
Origin: https://gomydates.com
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
X-Firefox-Spdy: h2

gomydates.com/tds/ae?tdsId=s0624kas_r&tds_campaign=s0624kas&utm_sub=opnfnl&s1=ps&utm_source=intc&affid=9559e5a1&subid=dao&clickid={clickid}&subid2={subid2}

3.67.232.45

302 Found

0 B

URL HTTP/2
gomydates.com/tds/ae?tdsId=s0624kas_r&tds_campaign=s0624kas&utm_sub=opnfnl&s1=ps&utm_source=intc&affid=9559e5a1&subid=dao&clickid={clickid}&subid2={subid2}
IP
3.67.232.45:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tds/ae?tdsId=s0624kas_r&tds_campaign=s0624kas&utm_sub=opnfnl&s1=ps&utm_source=intc&affid=9559e5a1&subid=dao&clickid={clickid}&subid2={subid2} HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Sun, 16 Oct 2022 04:31:24 GMT
location: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
set-cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; Max-Age=31536000; Domain=.gomydates.com; Path=/; Expires=Mon, 16 Oct 2023 04:31:24 GMT; Secure; SameSite=None
dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Fri, 21 Oct 2022 04:31:24 GMT
X-Firefox-Spdy: h2

cdn3reference.com/landings/23302/css/62785c7b6ca9a16c41ce1f973cf812b4.css

54.230.111.111

200 OK

0 B

URL HTTP/2
cdn3reference.com/landings/23302/css/62785c7b6ca9a16c41ce1f973cf812b4.css
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /landings/23302/css/62785c7b6ca9a16c41ce1f973cf812b4.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sun, 16 Oct 2022 04:31:25 GMT
last-modified: Tue, 02 Apr 2019 15:21:31 GMT
content-encoding: gzip
etag: W/"5c1-5858db10f34c0"
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bBJr3e9CM8VUfKYqTaFQsiv-ny4Ju7zCATZxhzKlxMDRuD0PEZebew==
X-Firefox-Spdy: h2

retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&j_type=open&jump=23302&jump_name=

35.157.196.4

200 OK

0 B

URL HTTP/2
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&j_type=open&jump=23302&jump_name=
IP
35.157.196.4:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&j_type=open&jump=23302&jump_name= HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:26 GMT
content-type: image/gif
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
set-cookie: dci=61727fcdb4f8352fb53a59b04b989e172ff7bc20; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Mon, 16 Oct 2023 04:31:26 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2

cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8

54.230.111.111

200 OK

0 B

URL HTTP/2
cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/webPushMotivationPopupSmall.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 16 Oct 2022 04:31:25 GMT
last-modified: Wed, 31 Oct 2018 08:29:51 GMT
etag: W/"22c1-579821b2406fb"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0dViBrpOK7K513ZC9AWKkzCY3Mj5JxrEY0-OCB7bhNNFSt9SYccXAw==
X-Firefox-Spdy: h2

retarget2core.com/fp/fp_ec.js

35.157.196.4

200 OK

0 B

URL HTTP/2
retarget2core.com/fp/fp_ec.js
IP
35.157.196.4:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fp/fp_ec.js HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:26 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 13 Oct 2022 13:16:30 GMT
etag: W/"4bd-183d17d3fb0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

message-notific.club/tds/daopush

172.67.199.188

302 Found

0 B

URL HTTP/2
message-notific.club/tds/daopush
IP
172.67.199.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /tds/daopush HTTP/1.1
Host: message-notific.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Sun, 16 Oct 2022 04:31:24 GMT
content-type: text/html; charset=UTF-8
location: https://gomydates.com/tds/ae?tdsId=s0624kas_r&tds_campaign=s0624kas&utm_sub=opnfnl&s1=ps&utm_source=intc&affid=9559e5a1&subid=dao&clickid={clickid}&subid2={subid2}
access-control-allow-origin: *
set-cookie: qwerty_daopush=0; expires=Wed, 19-Oct-2022 22:31:24 GMT; Max-Age=324000; path=/
cache-control: max-age=172800, private, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQV36K%2FDJaXVarQ5qguruNMllPbjI0OItOi%2FVwxA1c7HO1zqk7pAyh1mRrkkpiV4P%2FDuzvOO1V3v37SrgjCMuLnpMbU064mrCuAHBbCqkIl6o6MxtM1wT%2Fw2ARtSV0OGxXES07zqVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75ae10909d5b0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1

3.67.232.45

200 OK

0 B

URL HTTP/2
gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
IP
3.67.232.45:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1 HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: text/html; charset=UTF-8
server: nginx
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:400,900,300%27%20rel=%27stylesheet%27%20type=%27text/css%27

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato:400,900,300%27%20rel=%27stylesheet%27%20type=%27text/css%27
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato:400,900,300%27%20rel=%27stylesheet%27%20type=%27text/css%27 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 16 Oct 2022 04:31:25 GMT
date: Sun, 16 Oct 2022 04:31:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2

54.230.111.111

200 OK

0 B

URL HTTP/2
cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/webPushMotivationPopupSmall.css?v=2 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sun, 16 Oct 2022 04:31:25 GMT
last-modified: Wed, 31 Oct 2018 08:29:51 GMT
etag: W/"1340-579821b240313"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8ZHlu32VuzzdPJgNJWm24MybJfbLTq4PlOKXo37cm32z4EQL6D3Www==
X-Firefox-Spdy: h2

gomydates.com/bridge/frodi_data.js

3.67.232.45

200 OK

0 B

URL HTTP/2
gomydates.com/bridge/frodi_data.js
IP
3.67.232.45:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bridge/frodi_data.js HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 13 Oct 2022 13:16:30 GMT
etag: W/"19f8-183d17d3fb0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations